Hi, I'm quite new to Netscreens, so I hope this is a very easy question.
Say A.B.C.0/24 is some public IP range. I'm trying to set up the following (SSG-550): * A.B.C.0/27 on the Untrust sub-interface * 10.0.0.0/24 on a DMZ sub-interface (where servers do support NAT) * A.B.C.32/27 on another DMZ sub-interface (where servers do not support NAT) I would like to map (incoming web traffic): * port 80 of A.B.C.1 => port 80 of 10.0.0.101. * port 80 of A.B.C.2 => port 80 of 10.0.0.102. Is this possible? For some reason I don't have the possibility to create a VIP on the Untrust interface at the moment (and I'm not even sure you can have VIPs with different IP addresses on the same interface...) Vincent _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp